Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          6oiGh22mEs31kP1VcEzuWtBoeJzEojveZ4gt5Eo/GJw=
Subject key identifier:   26:6F:D5:44:FA:98:D6:A7:43:81:98:81:6F:82:7A:17:83:81:B8:40
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       019CAFB66BB159B972E72543E7255549904D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          099A
Signing time:             Mon 02 Mar 2026 18:01:33 +0000
Manifest this update:     Mon 02 Mar 2026 18:01:33 +0000
Manifest next update:     Tue 03 Mar 2026 18:01:33 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: NDDzmmVuNaWJUBHi758KKnzY2DCGGm5arbEPhI4zjEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:b6:6b:b1:59:b9:72:e7:25:43:e7:25:55:49:90:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Mar  2 18:01:33 2026 GMT
            Not After : Mar  3 18:01:33 2026 GMT
        Subject: CN=266fd544fa98d6a7438198816f827a178381b840
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:85:aa:6d:75:27:03:f4:64:ed:ce:ab:f6:e0:
                    4f:69:5c:67:eb:a1:d5:21:9a:1e:10:42:84:4b:be:
                    69:e1:4d:ea:a0:5b:57:da:0f:3f:b6:d9:4f:ea:19:
                    0f:fb:3f:a4:0a:17:73:b4:dc:c4:d1:55:75:2d:d3:
                    60:da:bf:c5:a2:21:3b:a1:97:be:5a:4b:25:b3:35:
                    57:a1:ed:ef:f1:84:16:3d:de:aa:94:8e:78:7c:e7:
                    f2:cd:74:16:cd:7b:77:c8:a7:f4:ed:ae:a2:42:a4:
                    82:53:9c:35:67:9c:80:f7:7a:16:83:55:1d:31:4d:
                    5d:92:15:94:a5:b9:56:81:a3:52:01:2b:42:4b:34:
                    1a:94:ff:4c:53:d1:f6:57:6a:ac:cd:d8:28:59:21:
                    c4:b6:1e:c2:d0:4f:b1:0a:70:7c:ee:35:00:73:95:
                    c2:b3:ca:94:51:9e:81:b0:11:48:8e:86:fa:c4:c2:
                    1d:51:54:1a:ec:20:c4:98:ae:42:8b:13:ea:c2:8a:
                    98:06:e7:60:75:40:76:41:22:d9:06:a0:67:5b:62:
                    c0:3b:b2:16:f7:64:66:3f:00:c0:d3:14:eb:cb:fe:
                    53:21:c4:69:16:3a:ab:a7:c7:02:32:af:b6:0d:fa:
                    80:ec:f3:2a:04:46:df:39:72:cc:45:97:f0:60:3e:
                    36:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:6F:D5:44:FA:98:D6:A7:43:81:98:81:6F:82:7A:17:83:81:B8:40
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:d0:b3:ca:12:4c:70:eb:87:e6:9e:e2:0f:2d:00:16:dd:9e:
         0f:e5:aa:b9:88:2d:81:80:a4:69:56:66:f2:e4:35:58:e1:a9:
         28:6c:e1:4a:a9:8e:76:5b:8a:9f:3f:59:3b:99:5c:9a:c9:c4:
         5d:5d:fe:99:9e:7b:9d:fc:3d:49:9b:39:f9:7b:13:a9:6a:70:
         ca:e2:8e:06:cc:33:01:0f:38:5b:51:8c:4d:23:b2:6d:12:d3:
         fe:72:e5:ef:f6:69:6b:f6:ec:96:04:ab:00:39:b7:f5:e4:d6:
         61:e7:ba:b7:b6:f5:de:72:e1:fb:38:72:55:c1:c2:2f:20:76:
         ff:08:32:3e:17:e7:12:d7:43:f3:b7:f7:09:6b:82:ff:95:ab:
         bf:2a:d8:bd:0c:5e:54:b5:3c:16:4a:94:28:32:af:5f:dc:87:
         61:58:5f:55:1c:61:af:b2:df:1a:20:57:90:ca:d8:71:5e:e0:
         04:a9:b1:ab:76:d9:c4:12:80:15:37:f3:76:1f:84:ac:1a:de:
         f7:f2:ca:03:ee:16:27:28:e8:12:a0:a7:c2:c5:f4:e6:54:cb:
         d9:13:00:47:dd:18:db:96:67:5a:86:93:0a:17:06:a0:36:49:
         21:49:89:fb:9f:3e:7e:76:30:a7:13:ea:60:54:ee:50:05:46:
         77:0e:3a:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvtmuxWbly5yVD5yVVSZBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjYwMzAyMTgwMTMzWhcNMjYwMzAzMTgwMTMzWjAzMTEwLwYDVQQD
EygyNjZmZDU0NGZhOThkNmE3NDM4MTk4ODE2ZjgyN2ExNzgzODFiODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIWqbXUnA/Rk7c6r9uBPaVxn66HV
IZoeEEKES75p4U3qoFtX2g8/ttlP6hkP+z+kChdztNzE0VV1LdNg2r/FoiE7oZe+
WkslszVXoe3v8YQWPd6qlI54fOfyzXQWzXt3yKf07a6iQqSCU5w1Z5yA93oWg1Ud
MU1dkhWUpblWgaNSAStCSzQalP9MU9H2V2qszdgoWSHEth7C0E+xCnB87jUAc5XC
s8qUUZ6BsBFIjob6xMIdUVQa7CDEmK5CixPqwoqYBudgdUB2QSLZBqBnW2LAO7IW
92RmPwDA0xTry/5TIcRpFjqrp8cCMq+2DfqA7PMqBEbfOXLMRZfwYD42+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZv1UT6mNanQ4GYgW+CeheDgbhAMB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYtCzyhJM
cOuH5p7iDy0AFt2eD+WquYgtgYCkaVZm8uQ1WOGpKGzhSqmOdluKnz9ZO5lcmsnE
XV3+mZ57nfw9SZs5+XsTqWpwyuKOBswzAQ84W1GMTSOybRLT/nLl7/Zpa/bslgSr
ADm39eTWYee6t7b13nLh+zhyVcHCLyB2/wgyPhfnEtdD87f3CWuC/5WrvyrYvQxe
VLU8FkqUKDKvX9yHYVhfVRxhr7LfGiBXkMrYcV7gBKmxq3bZxBKAFTfzdh+ErBre
9/LKA+4WJyjoEqCnwsX05lTL2RMAR90Y25ZnWoaTChcGoDZJIUmJ+58+fnYwpxPq
YFTuUAVGdw460Q==
-----END CERTIFICATE-----